Total Tests:

Chinese Hackers Cyber Espionage Campaign Linked To Microsoft Exchange Servers Compromise At Least 30,000 U.S. Organizations

By Alicia Hope for CPO Magazine
Thursday, March 18, 2021

Several hours later, the European Union body released a statement explaining that “no data extraction has been performed and we have no indication to think that the breach has gone beyond our email servers.”

“The exploitation of the 0days in question required some specific conditions (e.g. user account on the vulnerable system) and thus raises questions what exactly happened at EBA,” wonders Ilia Kolochenko, CEO at ImmuniWeb. “Another key question is when exactly EBA was compromised. If the intrusion had happened prior to the public disclosure of the vulnerability, it was just possible to do some system hardening and continuous monitoring for network anomalies – to prevent 0day exploitation – or at least to detect it in a timely manner.”

Kolochenko noted that EBA would hardly public agency affected by the cyber espionage campaign as more public authorities would discover being victims of exploitation through vulnerable Microsoft Exchange servers. Thus, he underscored the need for proper technical investigation before attributing an attack.

It’s also probable that the Chinese hackers will expand their attack vectors, while other threat actors will exploit the vulnerability to install backdoors for delivering malware and ransomware. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential